Analysis
-
max time kernel
85s -
max time network
131s -
platform
android_x64 -
resource
android-x64-20240514-en -
resource tags
android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system -
submitted
23-05-2024 09:08
Static task
static1
Behavioral task
behavioral1
Sample
281b54ec38077b4702eddd1c3b0ef468f920d6c1a8ce6b2ef7857e0dba031673.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
281b54ec38077b4702eddd1c3b0ef468f920d6c1a8ce6b2ef7857e0dba031673.apk
Resource
android-x64-20240514-en
General
-
Target
281b54ec38077b4702eddd1c3b0ef468f920d6c1a8ce6b2ef7857e0dba031673.apk
-
Size
6.0MB
-
MD5
d1bf01126b1d5a86c04382ed55bfecc9
-
SHA1
1c53690da52d40dcfe356c25501b0bcfdba4b62c
-
SHA256
281b54ec38077b4702eddd1c3b0ef468f920d6c1a8ce6b2ef7857e0dba031673
-
SHA512
2525e886bcc19fcf4c6d9e364972708b67e345616096f5b7e01e18715dadb4d0ab90ae66a963579b6d17e937189ad7ca0dedcc54d0a8d65f009f5df8b41c0a17
-
SSDEEP
98304:9ykf6foKgMSeQuhM1deG+8dCzyxkXi11P+9bhXQ9i6cksJWg7nn1aNxt8GtheB2N:Ikifh0x1k211mDiio2W0n1+xTiY
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
Processes:
Process: com.geradorsantandes
ioc | pid | process
/data/user/0/com.geradorsantandes/cache/natives_sec_blob5641712698687201986.dex | 5117 | com.geradorsantandes
/data/user/0/com.geradorsantandes/cache/natives_sec_blob5641712698687201986.dex | 5117 | com.geradorsantandes -
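The signature above means the app wrote a DEX into its own cache directory and loaded it at runtime (the /data/user/0/<pkg> path in the process table and the /data/data/<pkg> path in the Downloads section below are the same location on Android). When triaging, the first things to confirm about the recovered blob are that it really is a DEX and that it is the same file the report hashed. The script below is an added example, not part of the sandbox report or the sample: it validates the DEX header (magic, adler32 checksum over the bytes after the checksum field, SHA-1 signature over the bytes after the signature field, declared sizes) and compares a file's digests against the MD5/SHA1/SHA256 copied from the report's Downloads entry. build_dex_stub() is a constructed header-only fixture so the code runs offline; it is not the dropped natives_sec_blob file.

```python
import hashlib
import struct
import zlib

# DEX header layout (AOSP dex_file.h): magic[8] @0x00, checksum u32 @0x08,
# signature[20] @0x0C, file_size u32 @0x20, header_size u32 @0x24,
# endian_tag u32 @0x28; the fixed header is 0x70 bytes.
DEX_HEADER_SIZE = 0x70
ENDIAN_CONSTANT = 0x12345678

# Digests copied from the report's Downloads entry for the dropped dex.
REPORT_DROPPED_DEX = {
    "path": "/data/data/com.geradorsantandes/cache/natives_sec_blob5641712698687201986.dex",
    "md5": "b577acbdabacebb71baf54ab37cbd538",
    "sha1": "5cb72d862636c11ee9ee415c1a1cae47d42f257f",
    "sha256": "7068f5a812b33eeb9c2b200730c8632d2d10f7df2d6a836ad31d286b6a7e04e6",
}


def parse_dex_header(data: bytes) -> dict:
    """Check whether `data` starts with a structurally valid DEX header."""
    info = {"is_dex": False, "version": None, "checksum_ok": False,
            "signature_ok": False, "endian_ok": False, "size_ok": False,
            "file_size": None, "header_size": None}
    # magic is "dex\n" + 3-digit version + NUL
    if len(data) < DEX_HEADER_SIZE or data[:4] != b"dex\n" or data[7:8] != b"\0":
        return info
    info["is_dex"] = True
    info["version"] = data[4:7].decode("ascii", "replace")
    (stored_checksum,) = struct.unpack_from("<I", data, 0x08)
    stored_sig = data[0x0C:0x20]
    file_size, header_size, endian_tag = struct.unpack_from("<III", data, 0x20)
    info["file_size"] = file_size
    info["header_size"] = header_size
    info["endian_ok"] = endian_tag == ENDIAN_CONSTANT
    # adler32 covers everything after the checksum field (offset 0x0C to EOF)
    info["checksum_ok"] = (zlib.adler32(data[0x0C:]) & 0xFFFFFFFF) == stored_checksum
    # SHA-1 signature covers everything after the signature field (offset 0x20 to EOF)
    info["signature_ok"] = hashlib.sha1(data[0x20:]).digest() == stored_sig
    info["size_ok"] = file_size == len(data) and header_size == DEX_HEADER_SIZE
    return info


def matches_report(data: bytes, ioc: dict = REPORT_DROPPED_DEX) -> dict:
    """Compare a recovered file's digests with the report's Downloads entry."""
    return {
        "md5": hashlib.md5(data).hexdigest() == ioc["md5"],
        "sha1": hashlib.sha1(data).hexdigest() == ioc["sha1"],
        "sha256": hashlib.sha256(data).hexdigest() == ioc["sha256"],
    }


def build_dex_stub(version: bytes = b"035") -> bytes:
    """Constructed fixture: a header-only DEX with a correct checksum and signature.
    This is NOT the sample's dropped dex; it only exercises the parser."""
    tail = struct.pack("<III", DEX_HEADER_SIZE, DEX_HEADER_SIZE, ENDIAN_CONSTANT)
    tail += b"\0" * (DEX_HEADER_SIZE - 0x20 - len(tail))  # remaining header fields zeroed
    signature = hashlib.sha1(tail).digest()
    checksum = zlib.adler32(signature + tail) & 0xFFFFFFFF
    return b"dex\n" + version + b"\0" + struct.pack("<I", checksum) + signature + tail


if __name__ == "__main__":
    import sys
    # Usage: python dexcheck.py <recovered file>; with no argument the stub is checked.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_dex_stub()
    print("header:", parse_dex_header(blob))
    print("matches report IoC:", matches_report(blob))
```

A dropped blob that passes the header checks but fails the digest comparison is still worth keeping: repacked or per-install-encrypted payloads often produce a different file each run, so the report's hashes identify that one execution, not the loader technique.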
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
Process: com.geradorsantandes
description | ioc | process
Framework API call | javax.crypto.Cipher.doFinal | com.geradorsantandes
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
/data/data/com.geradorsantandes/cache/natives_sec_blob5641712698687201986.dex
Filesize 820KB
MD5 b577acbdabacebb71baf54ab37cbd538
SHA1 5cb72d862636c11ee9ee415c1a1cae47d42f257f
SHA256 7068f5a812b33eeb9c2b200730c8632d2d10f7df2d6a836ad31d286b6a7e04e6
SHA512 076f09382c485bbee2aff75eebcb0951e60929fe0e1c5cd971f6fc69cd60e3c6510e5759e300bccbdf4fe857245ec737a5bb2c33e58513d8fa3132d85dfbe4e8
-
/data/data/com.geradorsantandes/cache/oat/natives_sec_blob5641712698687201986.dex.cur.prof
Filesize 513B
MD5 ca5cd1b9f090b27bf5525744b3b345e2
SHA1 5c2565f7dc81c433eeb1526d33bdd67b271651f4
SHA256 97db65c90a7977f26d1142d7d2a0d4da3235b55f8766f87ea877ce55de55848b
SHA512 82f4ee10c1705051c52166db31a8f8160b0a00609f6d2bbea0be57f8aca822ea508ada63c085271aee01853b9cc7969d0f92522894733379ebe6b0157e5a5964
-
/data/data/com.geradorsantandes/files/cloneSettings.json
Filesize 18KB
MD5 9ccaec6c3593c27aa79796041fc2f61a
SHA1 144f6df57b625f3df5bc6fefba7c03f6ec775691
SHA256 eaa8d445e191c7565c9cf8dc79a64572dc76050e6f6da08abb0f41487d8e9194
SHA512 a7566f6f8248cd78fed201df5c69092c5602515bbf15b6c1e720dfa63d2dd8162a321dd9193344f7203746205fbc3196ba2eba5dea43428e5747675b1c18be9c